Computer Forensics Assignment 2 - Essay Example

Computer Forensics Assignment 2 Computer Forensics Assignment 2 Equipment and Software to Purchase A computer forensics lab shouldhave fundamental requirements for conducting investigation and ensuring safe storage of evidence. Those include hardware and software to conduct the investigations and data storage. Remarkably, it is imperative to ensure the lab is safe and productive. To ensure security, the following equipment’s should exist. There should be a safe to serve as a secure container. An example of a secure safe is a heavy-duty cabinet. It should be under regular lock and only accessible to authorized staff serving at the lab. It is necessary to purchase equipment that are necessary to set up a TEMPEST-qualified lab. That demands setting up evidence storage container or lockers. Such lockers ensure security of evidence stored and restricted access by authorized staff. Locks installed should be of high quality and have limited possibilities of distribution of duplicate-keys.
Source: EC-Council (2009)
Evidence storages should be subject to regular inspections to ensure only current evidence are kept therein and closed cases’ evidence are relocated to secure locations in an off-site facility. The evidence container should be in a position restricted to authorized staff members and the number of people granted access should be minimum. Furthermore, only authorized staff members should inspect lock combinations. In case the investigations use intel-based PCs, computers are necessary. There is need to acquire the right Operating Systems (OS) and other applications. Computer forensics software package should form part of the software acquired (Nelson, Phillips & Steuart, 2009). Specialized software are similarly important. They include software such as Peachtree. Disk-editing software are also necessary for evidence analysis (Nelson, Phillips & Steuart, 2009).
Source: EC-Council (2009)
Documenting the crime scene and collect and package the evidence
Computers may contain incriminating evidence including DNA but professional curiosity has a potential to destroy evidence. It is, therefore, imperative to properly document, collect and package the evidence from a crime scene. The U.S DOJ standards for seizing digital evidence are applicable (The Office of Legal Education, 2011). In the case of a drug dealer’s computer, the following process should be applicable. The investigator should seize the computer together with other peripherals found at the scene. Peripherals include cell phones, scanners and cameras. Printers CDs, DVDs and USB devices should also be seized.
Source: Department of Justice (2008)
Source: Department of Justice (2008)
After that, the investigators should recognize information that can serve as evidence from the scene of crime. The next stage is to document the evidence collected from the scene. Collect the computer document that exists in the storage devices. E-mails, texts and internet histories form a great part of the information that should be collected during the investigations (NFSTC, 2010). Online-based backup systems are valuable sources of information that are important during investigations (Taylor et al., 2010). The DSL connection should, as well, be documented during the time of evidence collection. In an attempt to avoid alteration of data, it is imperative to document all activities that were occurring in the computer at the time of collecting evidence. Photographs of the computer should be taken to show the state it was found at the time of evidence collection. All evidence collected from the scene should be in safe custody and handled by professionals.
References
EC-Council (2009). Computer Forensics: Investigation Procedures and Response. Clifton Park, NY: Cengage Learning.
National Forensic Science Technology Center (NFSTC). (2010). A Simplified Guide to Digital Evidence. Retrieved May 25, 2015 from http://www.crime-scene-investigator.net/SimplifiedGuideDigitalEvidence.pdf
Nelson, B., Phillips, A., & Steuart, C. (2009). Guide to computer forensics and investigations. Cengage Learning.
Taylor, M., Haggerty, J., Gresty, D., & Hegarty, R. (2010). Digital evidence in cloud computing systems. Computer Law & Security Review, 26(3), 304-308.
The Office of Legal Education (2011). Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations. Retrieved May 25, 2015 from http://www.justice.gov/criminal/cybercrime/docs/ssmanual2009.pdf
U.S. Department of Justice. (2008, April). Electronic Crime Scene Investigation: A Guide for First Responders, Second Edition. On Demand Publishing, LLC-Create Space. Read More